packages feed

intricacy 0.8.0 → 0.8.0.1

raw patch · 6 files changed

+27/−31 lines, 6 filesdep +cryptonitedep +memorydep −RSAdep −crypto-apidep −crypto-pubkey-typesdep ~safe

Dependencies added: cryptonite, memory

Dependencies removed: RSA, crypto-api, crypto-pubkey-types, cryptohash

Dependency ranges changed: safe

Files

Database.hs view
@@ -23,9 +23,9 @@ import           System.FilePath import           System.IO -import           Crypto.Hash                (Digest, SHA1,-                                             digestToHexByteString, hashlazy)-import           Crypto.Types.PubKey.RSA    (PrivateKey, PublicKey)+import           Crypto.Hash                (Digest, SHA1, hashlazy)+import           Crypto.PubKey.RSA.Types    (PrivateKey, PublicKey)+import           Data.ByteArray.Encoding    (Base (..), convertToBase)  import           Lock import           Metagame@@ -36,6 +36,7 @@ sha1 = hashlazy hash :: String -> String hash = CS.unpack . digestToHexByteString . sha1 . CL.pack+    where digestToHexByteString = convertToBase Base16  data Record     = RecPasswordLegacy Codename
Interact.hs view
@@ -35,9 +35,9 @@ import           System.Directory import           System.FilePath -import           Codec.Crypto.RSA           (encrypt)-import           Crypto.Random              (SystemRandom, newGenIO)-import           Crypto.Types.PubKey.RSA    (PublicKey)+import           Crypto.Hash.Algorithms     (SHA256 (..))+import           Crypto.PubKey.RSA.OAEP     (defaultOAEPParams, encrypt)+import           Crypto.PubKey.RSA.Types    (PublicKey)  import           AsciiLock import           Cache@@ -789,9 +789,8 @@ encryptPassword publicKey name password = msum     [ MaybeT . liftIO .         handle (\(e :: SomeException) -> return Nothing) $ do-        g <- newGenIO :: IO SystemRandom-        return . Just . CS.unpack . BL.toStrict . fst . encrypt g publicKey .-            BL.fromStrict . CS.pack $ hashed+        Right c <- encrypt (defaultOAEPParams SHA256) publicKey . CS.pack $ hashed+        return . Just . CS.unpack $ c     , confirmOrBail         "Failed to encrypt password - send unencrypted?"         >> return hashed
Protocol.hs view
@@ -13,7 +13,7 @@ import           Control.Monad import           Data.Binary -import           Crypto.Types.PubKey.RSA (PublicKey)+import           Crypto.PubKey.RSA.Types (PublicKey)  import           BinaryInstances import           Lock
Server.hs view
@@ -26,6 +26,7 @@ import           Control.Monad.Trans.Reader import           Control.Monad.Trans.State import           Data.Array+import           Data.Bifunctor             (bimap) import qualified Data.Binary                as B import qualified Data.ByteString.Char8      as CS import qualified Data.ByteString.Lazy       as BL@@ -53,10 +54,10 @@ import           Text.Feed.Import           (parseFeedFromFile) import qualified Text.XML                   as XML -import           Codec.Crypto.RSA           (RSAError, decrypt, generateKeyPair) import qualified Crypto.Argon2              as A2-import           Crypto.Random              (SystemRandom, newGenIO)-import           Crypto.Types.PubKey.RSA    (PrivateKey, PublicKey)+import           Crypto.Hash.Algorithms     (SHA256 (..))+import           Crypto.PubKey.RSA          (generate)+import           Crypto.PubKey.RSA.OAEP     (decrypt, defaultOAEPParams)  import           Network.Mail.Mime          (plainPart) import qualified Network.Mail.SMTP          as SMTP@@ -130,17 +131,16 @@     alreadySet <- recordExists RecServerInfo     unless alreadySet $ putRecord RecServerInfo (RCServerInfo $ defaultServerInfo locksize) -rsaKeyLength = 2048- setKeyPair :: DBM () setKeyPair = do     alreadySet <- recordExists RecPublicKey     unless alreadySet $ do-        g <- liftIO newGenIO :: DBM SystemRandom-        let (publicKey, secretKey, _) = generateKeyPair g rsaKeyLength+        (publicKey, secretKey) <- liftIO $ generate 256 65537         putRecord RecPublicKey $ RCPublicKey publicKey         putRecord RecSecretKey $ RCSecretKey secretKey +-- Note: switching to cryptonite's argon2 implementation would not be+-- straightforwardsly backwards-compatible, the output format is different. argon2 :: String -> ExceptT String IO String argon2 s = either (throwE . show) return $         TSh.unpack <$> A2.hashEncoded hashOptions (CS.pack s) (CS.pack salt)@@ -406,10 +406,9 @@         decryptPassword :: String -> ExceptT String IO String         decryptPassword pw = do             RCSecretKey secretKey <- getRecordErrored RecSecretKey-            liftIO $ evaluate (CS.unpack . BL.toStrict .-                decrypt secretKey . BL.fromStrict . CS.pack $ pw)+            ExceptT . return . bimap show CS.unpack .+                decrypt Nothing (defaultOAEPParams SHA256) secretKey . CS.pack $ pw                 -- <=intricacy-0.6.2 sends the hashed password unencrypted-                `catch` \(e :: RSAError) -> return pw         convertLegacyPW :: Codename -> IO ()         convertLegacyPW name = void . runExceptT $ do             RCPasswordLegacy legacyPw <- getRecordErrored (RecPasswordLegacy name)
Version.hs view
@@ -11,4 +11,4 @@ module Version where  version :: String-version = "0.7.2"+version = "0.8.0.1"
intricacy.cabal view
@@ -1,6 +1,6 @@ cabal-version:      >=1.10 name:               intricacy-version:            0.8.0+version:            0.8.0.1 license:            GPL-3 license-file:       COPYING maintainer:         mbays@sdf.org@@ -116,11 +116,9 @@             vector >=0.9 && <0.13,             binary >=0.5 && <0.9,             network-fancy >=0.1.5 && <0.3,-            cryptohash >=0.8 && <0.12,-            safe >=0.2 && <0.4,-            RSA >=2.0 && <2.5,-            crypto-pubkey-types >=0.2 && <0.5,-            crypto-api >=0.10 && <0.14+            safe >=0.3.18 && <0.4,+            memory >= 0.11 && <0.16,+            cryptonite >= 0.16 && <0.28          if !impl(ghc >=8.0)             build-depends: semigroups ==0.18.*@@ -220,10 +218,7 @@             vector >=0.9 && <0.13,             binary >=0.5 && <0.9,             network-fancy >=0.1.5 && <0.3,-            cryptohash >=0.8 && <0.12,-            RSA >=2.0 && <2.5,-            crypto-pubkey-types >=0.2 && <0.5,-            crypto-api >=0.10 && <0.14,+            safe >=0.3.18 && <0.4,             random >=1.0 && <1.3,             pipes >=4 && <4.4,             feed >=1.1 && <1.4,@@ -233,6 +228,8 @@             text-short ==0.1.*,             mime-mail >=0.4.4 && < 0.6,             smtp-mail >=0.1.4.1 && < 0.4,+            memory >= 0.11 && <0.16,+            cryptonite >= 0.16 && <0.28,             argon2 ==1.3.*          if !impl(ghc >=8.0)